package com.capgemini.simpleappblanche.helper.security;

import java.util.Set;

import org.springframework.security.access.expression.SecurityExpressionRoot;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;

import com.capgemini.simpleappblanche.domain.security.User;

/**
 * Create own "expression" to test to authorize method
 * @author jdorchie
 */
public class CustomSecurityExpressionRoot extends SecurityExpressionRoot  {

    /**
     * constructor
     * @param a Authentication
     */
    public CustomSecurityExpressionRoot(Authentication a) {
        super(a);
    }


    /**
     * check if user contain given permission
     * @param permission permission to check
     * @return true if logged user contain the permission to check
     */
    public boolean hasPermission(String permission) {
        Authentication a = getAuthentication();
        
        Set<String> perms = AuthorityUtils.authorityListToSet(((User)a.getPrincipal()).getPermissions());
        
        return perms.contains(permission);
    }
    
    

    
//    public boolean hasRoleAgency(String role) {
//        Authentication a = getAuthentication();
//        return hasRole(role);
//    }

}
